package com.zjh.springsecurity03.config;

import lombok.AllArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.OrRequestMatcher;

@Configuration
@AllArgsConstructor
public class WebConfig extends WebSecurityConfigurerAdapter {
    private final MyUserDetialsService myUserDetialsService;

//    @Autowired
//    public void initialize(AuthenticationManagerBuilder builder) throws Exception {
//        InMemoryUserDetailsManager inMemoryUserDetailsManager = new InMemoryUserDetailsManager();
//        inMemoryUserDetailsManager.createUser(
//                User.withUsername("root")
//                        .password("{noop}1234")
//                        .roles("USER")
//                        .build()
//        );
//        builder.userDetailsService(inMemoryUserDetailsManager);
//
//    }

//        @Override
//    protected void configure(AuthenticationManagerBuilder builder) throws Exception {
//        InMemoryUserDetailsManager inMemoryUserDetailsManager = new InMemoryUserDetailsManager();
//        inMemoryUserDetailsManager.createUser(
//                User.withUsername("root")
//                        .password("{noop}1234")
//                        .roles("USER")
//                        .build()
//        );
//        builder.userDetailsService(inMemoryUserDetailsManager);
//    }
    @Override
    protected void configure(AuthenticationManagerBuilder builder) throws Exception {


        builder.userDetailsService(myUserDetialsService);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .mvcMatchers("/Login.html").permitAll()
                .mvcMatchers("/index").permitAll()
                .anyRequest().authenticated()
                .and()
                .formLogin()
                .loginPage("/Login.html")//登录请求，指定自定义登陆页面
                //UsernamePasswordAuthenticationFilter 中配置过滤器拦截的请求路径,以及表单验证的参数
                .loginProcessingUrl("/doLogin")
                .usernameParameter("username")
                .passwordParameter("password")
                .and()
//                .logout()
//                .logoutUrl("/logout")
//                .logoutSuccessUrl("/Login.html")
//                .invalidateHttpSession(true)
//                .clearAuthentication(true)
                .logout()
                .logoutRequestMatcher(new OrRequestMatcher(
                        new AntPathRequestMatcher("/logout1", "GET"),
                        new AntPathRequestMatcher("/logout2", "GET")
                ))
                .invalidateHttpSession(true)
                .clearAuthentication(true)
                .logoutSuccessUrl("/Login.html")
                .and()
                .csrf().disable();

    }
}
